Director, Cybersecurity & Compliance

Vertical Talent Solutions

Knoxville, Tennessee

JOB DETAILS
SKILLS
Auditing, Automation, Business Continuity Planning (BCP), Cloud Computing, Communication Skills, Computer Security, Customer Relations, DNS (Domain Name System), Defense Federal Acquisition Regulations Supplement (DFARS), Disaster Recovery, Documentation, Documentation Standards, Email Security, Endpoint Security, Firewalls, HIPAA (Health Insurance Portability and Accountability Act), Incident Response, Internet Security, Leadership, Maintain Compliance, Mentoring, Microsoft Product Family, Microsoft Windows Azure, Operational Improvement, Operations Planning, Operations Processes, Operations Security (OPSEC), Organizational Development/Management, Phishing, Policy Development, Presentation/Verbal Skills, Process Development, Protective Services, Ransomware, Regulatory Compliance, Regulatory Requirements, Risk, Risk Analysis, Risk Management, Sales Strategy, Security Compliance, Security Information and Event Management (SIEM), Security Infrastructure, Security Monitoring, Service Delivery, Strategic Analysis, Strategic Planning, Technical Strategy, Technical Writing, U.S. National Institute of Standards and Technology (NIST)
POSTED
3 days ago

Employment Type: Full-Time

Work Model: Onsite

Reports To: Chief Technology Officer (CTO)


Position Overview

We are seeking an experienced Director of Cybersecurity & Compliance to lead cybersecurity operations, compliance execution, and security service delivery across a growing managed services organization. This is a strategic, hands-on leadership role responsible for strengthening cybersecurity operations, maturing a CMMC-focused managed services practice, and ensuring security services are technically sound, operationally repeatable, and aligned with regulatory requirements including CMMC Level 2, NIST SP 800-171, SOC 2, HIPAA, and DFARS.


The ideal candidate combines deep cybersecurity operations experience with practical compliance expertise, strong leadership skills, and the ability to translate complex regulatory requirements into scalable operational processes.


Leadership Responsibilities

This role provides leadership across cybersecurity operations while partnering closely with executive leadership, cloud, infrastructure, networking, service operations, strategic advisors, sales, vendors, and compliance partners. The Director will mentor and develop cybersecurity staff while helping shape future security operations and compliance teams.


Success in This Role

  • Build a mature, scalable cybersecurity operations program
  • Successfully support CMMC readiness and ongoing compliance initiatives
  • Strengthen security service delivery and operational consistency
  • Improve incident response, vulnerability management, and risk reduction
  • Develop repeatable processes, documentation, and technical standards
  • Build a high-performing cybersecurity team while serving as a trusted advisor to both clients and executive leadership


Key Responsibilities

Cybersecurity Operations

  • Lead day-to-day cybersecurity operations and security personnel
  • Oversee managed security services including:
      • Endpoint Detection & Response (EDR)
      • Identity Threat Detection
      • Vulnerability Management
      • SIEM & Logging
      • Email Security
      • DNS Filtering
      • Security Awareness Training
  • Serve as the senior escalation point for security incidents, alerts, vulnerabilities, and client risk concerns
  • Maintain security playbooks, incident response procedures, escalation paths, and operational workflows
  • Review service performance, recurring issues, remediation trends, and client risk patterns

Compliance & CMMC

  • Lead cybersecurity and compliance initiatives supporting CMMC Level 2 readiness
  • Ensure operational processes align with NIST 800-171, DFARS, SOC 2, HIPAA, and client compliance requirements
  • Develop and maintain compliance frameworks, evidence management, remediation tracking, documentation standards, and assessment readiness
  • Coordinate with external assessors, compliance partners, and consultants
  • Validate technical controls, evidence, and documentation prior to audits and client assessments

Security Architecture & Standards

  • Develop and maintain security standards, secure baselines, and implementation guidelines
  • Standardize security platforms across Microsoft 365, Entra ID, Azure, endpoints, servers, firewalls, backups, and cloud environments
  • Evaluate cybersecurity tools and vendors for technical fit, operational efficiency, and long-term scalability
  • Partner with Infrastructure, Cloud, Network, and Service teams to ensure consistent security implementation

Threat & Vulnerability Management

  • Oversee incident response, vulnerability remediation, and security event management
  • Develop playbooks for phishing, ransomware, compromised accounts, endpoint threats, and critical vulnerabilities
  • Coordinate response efforts with internal teams, clients, vendors, and external responders
  • Recommend automation, policy improvements, and operational enhancements to reduce organizational risk

Governance & Client Advisory

  • Lead internal security governance, policies, risk management, audit readiness, disaster recovery, and business continuity planning
  • Present cybersecurity strategy, risk assessments, and executive briefings to clients and leadership
  • Support strategic planning, technical discovery, solution validation, and cybersecurity roadmaps
  • Ensure client recommendations are technically sound, operationally achievable, and aligned with compliance requirements


Required Qualifications

  • Extensive leadership experience in cybersecurity operations and compliance
  • Strong knowledge of:
      • CMMC Level 2
      • NIST SP 800-171
      • DFARS
      • SOC 2
      • HIPAA
  • Experience leading Security Operations, Incident Response, Vulnerability Management, and Compliance Programs
  • Strong understanding of Microsoft security technologies, Azure, Microsoft 365, Entra ID, endpoint security, SIEM, identity protection, backup, and cloud security
  • Experience developing operational processes, security standards, documentation, and governance frameworks
  • Excellent leadership, communication, and client-facing presentation skills

